It seems like it isn't possible to know if the source code of an open source app has been tampered with before deployment. Are there safeguards in place against this? Is building from source the only way to be safe?
At the end of the day, the Telegram team's responsible for building the code, generating apps and pushing them to app stores. I'd say the chances of the app being tampered with are rather low. Conversely, since the code is out in the open, the chances of vulnerabilities/exploits/leaks being discovered <i>and</i> fixed are higher.<p>Disclaimer - I'm a regular Telegram user, been using the app for over a year.